Comment by AntiAmericanismBrit on 17/09/2023 at 21:42 UTC

2 upvotes, 1 direct replies (showing 1)

View submission: Support for gzip compression

Gemini uses TLS encryption. So in the spirit of "get the underlying library to do as much as possible" I would suggest turning on TLS compression.

This can be done without any change to the Gemini protocol, it should just be a simple change to the parameters we're giving to the TLS library somewhere.

Replies

Comment by niutech at 21/09/2023 at 22:18 UTC*

1 upvotes, 1 direct replies

While it looks like a good idea, TLS compression is prone to CRIME[1]/BREACH[2] attack.

1: https://en.wikipedia.org/wiki/CRIME

2: https://www.breachattack.com/

My proposal doesn't require changing the Gemini protocol spec, just adds a convention of appending a query param e.g. `?__gemini_encoding=gzip`, which could be ignored by the server.